[Gllug] [OT] Reporting security vulnerabilities

Martyn Drake martyn at drake.org.uk
Wed Sep 29 11:11:28 UTC 2010


On 29 September 2010 08:33, James Courtier-Dutton
<james.dutton at gmail.com> wrote:

> The company in question is Sky TV.

Sky or Easynet?  If it's actually Easynet, I'd let the schwinehunds suffer.

I've done this sort of thing before.  When Terry Gilliam launched
Tideland, I discovered that the official web site's server was about
as secure as a chocolate teapot on a hot day (in part due to the fact
they were using an obsolete operating system - and had telnet access
enabled when I checked).  Sent an email to their webmasters.  Didn't
get any response, but the issue was patched up within a day.  The
question is: what was I doing sniffing around their server?   Some
form of error generated revealed the problem, IIRC.  Then a bit more
investigation got the rest.  I don't tend to sniff around unless I
have damn good reason to do so.

Still haven't seen Tideland yet.

Mart
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug




More information about the GLLUG mailing list